From 8bef369dff41f73a511a0790c87198ba474bfaed Mon Sep 17 00:00:00 2001
From: LEAN-ESX <coolsnowwolf@gmail.com>
Date: Fri, 31 May 2019 07:00:38 -0700
Subject: [PATCH] luci-app-accesscontrol: add  strict mode support

---
 package/lean/luci-app-accesscontrol/Makefile  |  2 +-
 .../luasrc/controller/mia.lua                 |  8 ++++++-
 .../luasrc/model/cbi/mia.lua                  |  5 +++++
 .../luasrc/view/mia/mia_status.htm            | 22 +++++++++++++++++++
 .../luci-app-accesscontrol/po/zh-cn/mia.po    |  6 +++++
 .../root/etc/init.d/mia                       |  3 +++
 6 files changed, 44 insertions(+), 2 deletions(-)
 create mode 100644 package/lean/luci-app-accesscontrol/luasrc/view/mia/mia_status.htm

diff --git a/package/lean/luci-app-accesscontrol/Makefile b/package/lean/luci-app-accesscontrol/Makefile
index 7c07807ba..1da4e9dfc 100644
--- a/package/lean/luci-app-accesscontrol/Makefile
+++ b/package/lean/luci-app-accesscontrol/Makefile
@@ -11,7 +11,7 @@ LUCI_DEPENDS:=
 LUCI_PKGARCH:=all
 PKG_NAME:=luci-app-accesscontrol
 PKG_VERSION:=1
-PKG_RELEASE:=9
+PKG_RELEASE:=11
 
 include $(TOPDIR)/feeds/luci/luci.mk
 
diff --git a/package/lean/luci-app-accesscontrol/luasrc/controller/mia.lua b/package/lean/luci-app-accesscontrol/luasrc/controller/mia.lua
index e066252a1..38dc02a26 100644
--- a/package/lean/luci-app-accesscontrol/luasrc/controller/mia.lua
+++ b/package/lean/luci-app-accesscontrol/luasrc/controller/mia.lua
@@ -6,7 +6,13 @@ function index()
 	end
 
 	entry({"admin","services","mia"},cbi("mia"),_("Internet Access Schedule Control"),30).dependent=true
+	entry({"admin","services","mia","status"},call("act_status")).leaf=true
 
 end
 
-
+function act_status()
+  local e={}
+	e.running=luci.sys.call("iptables -L INPUT |grep MIA >/dev/null")==0
+  luci.http.prepare_content("application/json")
+  luci.http.write_json(e)
+end
diff --git a/package/lean/luci-app-accesscontrol/luasrc/model/cbi/mia.lua b/package/lean/luci-app-accesscontrol/luasrc/model/cbi/mia.lua
index 67e7fe409..cf850ec0f 100644
--- a/package/lean/luci-app-accesscontrol/luasrc/model/cbi/mia.lua
+++ b/package/lean/luci-app-accesscontrol/luasrc/model/cbi/mia.lua
@@ -1,5 +1,6 @@
 
 a=Map("mia",translate("Internet Access Schedule Control"),translate("Access Schedule Control Settins"))
+a:section(SimpleSection).template  = "mia/mia_status"
 
 t=a:section(TypedSection,"basic")
 t.anonymous=true
@@ -7,6 +8,10 @@ t.anonymous=true
 e=t:option(Flag,"enable",translate("Enabled"))
 e.rmempty=false
 
+e=t:option(Flag,"strict",translate("Strict Mode"))
+e.rmempty=false
+e.description = translate("Strict Mode will degrade CPU performance, but it can achieve better results")
+
 t=a:section(TypedSection,"macbind",translate("Client Rules"))
 t.template="cbi/tblsection"
 t.anonymous=true
diff --git a/package/lean/luci-app-accesscontrol/luasrc/view/mia/mia_status.htm b/package/lean/luci-app-accesscontrol/luasrc/view/mia/mia_status.htm
new file mode 100644
index 000000000..c971ee3c3
--- /dev/null
+++ b/package/lean/luci-app-accesscontrol/luasrc/view/mia/mia_status.htm
@@ -0,0 +1,22 @@
+<script type="text/javascript">//<![CDATA[
+XHR.poll(3, '<%=url([[admin]], [[services]], [[mia]], [[status]])%>', null,
+	function(x, data) {
+		var tb = document.getElementById('mia_status');
+		if (data && tb) {
+			if (data.running) {
+				var links = '<em><b><font color=green><%:Internet Access Schedule Control%> <%:RUNNING%></font></b></em>';
+				tb.innerHTML = links;
+			} else {
+				tb.innerHTML = '<em><b><font color=red><%:Internet Access Schedule Control%> <%:NOT RUNNING%></font></b></em>';
+			}
+		}
+	}
+);
+//]]>
+</script>
+<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
+<fieldset class="cbi-section">
+	<p id="mia_status">
+		<em><%:Collecting data...%></em>
+	</p>
+</fieldset>
diff --git a/package/lean/luci-app-accesscontrol/po/zh-cn/mia.po b/package/lean/luci-app-accesscontrol/po/zh-cn/mia.po
index 4c8f1d171..cc976522b 100644
--- a/package/lean/luci-app-accesscontrol/po/zh-cn/mia.po
+++ b/package/lean/luci-app-accesscontrol/po/zh-cn/mia.po
@@ -7,6 +7,12 @@ msgstr "设置客户端禁止访问互联网的时间"
 msgid "General switch"
 msgstr "开启/关闭"
 
+msgid "Strict Mode"
+msgstr "严格模式"
+
+msgid "Strict Mode will degrade CPU performance, but it can achieve better results"
+msgstr "严格模式会损耗部分CPU资源，但可以按照时间规则立即拦截数据包，效果更好"
+
 msgid "Client Rules"
 msgstr "客户端规则"
 
diff --git a/package/lean/luci-app-accesscontrol/root/etc/init.d/mia b/package/lean/luci-app-accesscontrol/root/etc/init.d/mia
index c25242750..7a84f51f9 100755
--- a/package/lean/luci-app-accesscontrol/root/etc/init.d/mia
+++ b/package/lean/luci-app-accesscontrol/root/etc/init.d/mia
@@ -73,9 +73,12 @@ start(){
   iptables -I INPUT -p tcp --dport 53 -m comment --comment "Rule For Control" -j MIA
   iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "Rule For Control"
   iptables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "Rule For Control"
+  strict=$(uci get mia.@basic[0].strict)
+  [ $strict -eq 1 ] && iptables -t filter -I FORWARD -m comment --comment "Rule For Control" -j MIA
   add_rule 
 }
 stop(){
+  iptables -t filter -D FORWARD -m comment --comment "Rule For Control" -j MIA 2>/dev/null
   iptables -D INPUT -p udp --dport 53 -m comment --comment "Rule For Control" -j MIA 2>/dev/null
   iptables -D INPUT -p tcp --dport 53 -m comment --comment "Rule For Control" -j MIA 2>/dev/null
   iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "Rule For Control" 2>/dev/null